commit: 6cf5ebe727d6049ac15e0b369590e6f4124c4791 Author: Mike Pagano <mpagano <AT> gentoo <DOT> org> AuthorDate: Fri Feb 11 12:33:31 2022 +0000 Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org> CommitDate: Fri Feb 11 12:33:31 2022 +0000 URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=6cf5ebe7
Linux patch 5.16.9 Signed-off-by: Mike Pagano <mpagano <AT> gentoo.org> 0000_README | 4 ++ 1008_linux-5.16.9.patch | 174 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 178 insertions(+) diff --git a/0000_README b/0000_README index 13f566fe..9fe7df04 100644 --- a/0000_README +++ b/0000_README @@ -75,6 +75,10 @@ Patch: 1007_linux-5.16.8.patch From: http://www.kernel.org Desc: Linux 5.16.8 +Patch: 1008_linux-5.16.9.patch +From: http://www.kernel.org +Desc: Linux 5.16.9 + Patch: 1500_XATTR_USER_PREFIX.patch From: https://bugs.gentoo.org/show_bug.cgi?id=470644 Desc: Support for namespace user.pax.* on tmpfs. diff --git a/1008_linux-5.16.9.patch b/1008_linux-5.16.9.patch new file mode 100644 index 00000000..c798eacb --- /dev/null +++ b/1008_linux-5.16.9.patch @@ -0,0 +1,174 @@ +diff --git a/Makefile b/Makefile +index 0cbab4df51b92..1f32bb42f3288 100644 +--- a/Makefile ++++ b/Makefile +@@ -1,7 +1,7 @@ + # SPDX-License-Identifier: GPL-2.0 + VERSION = 5 + PATCHLEVEL = 16 +-SUBLEVEL = 8 ++SUBLEVEL = 9 + EXTRAVERSION = + NAME = Gobble Gobble + +diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c +index 8fc9c79c899b5..41a6fe086fdc3 100644 +--- a/arch/s390/kvm/kvm-s390.c ++++ b/arch/s390/kvm/kvm-s390.c +@@ -4711,6 +4711,8 @@ static long kvm_s390_guest_sida_op(struct kvm_vcpu *vcpu, + return -EINVAL; + if (mop->size + mop->sida_offset > sida_size(vcpu->arch.sie_block)) + return -E2BIG; ++ if (!kvm_s390_pv_cpu_is_protected(vcpu)) ++ return -EINVAL; + + switch (mop->op) { + case KVM_S390_MEMOP_SIDA_READ: +diff --git a/crypto/algapi.c b/crypto/algapi.c +index a366cb3e8aa18..76fdaa16bd4a0 100644 +--- a/crypto/algapi.c ++++ b/crypto/algapi.c +@@ -1324,3 +1324,4 @@ module_exit(crypto_algapi_exit); + + MODULE_LICENSE("GPL"); + MODULE_DESCRIPTION("Cryptographic algorithms API"); ++MODULE_SOFTDEP("pre: cryptomgr"); +diff --git a/crypto/api.c b/crypto/api.c +index cf0869dd130b3..7ddfe946dd56b 100644 +--- a/crypto/api.c ++++ b/crypto/api.c +@@ -643,4 +643,3 @@ EXPORT_SYMBOL_GPL(crypto_req_done); + + MODULE_DESCRIPTION("Cryptographic core API"); + MODULE_LICENSE("GPL"); +-MODULE_SOFTDEP("pre: cryptomgr"); +diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c +index 1cdf8cfcc31b3..94bc5dbb31e1e 100644 +--- a/drivers/ata/libata-core.c ++++ b/drivers/ata/libata-core.c +@@ -2486,23 +2486,21 @@ static void ata_dev_config_cpr(struct ata_device *dev) + struct ata_cpr_log *cpr_log = NULL; + u8 *desc, *buf = NULL; + +- if (!ata_identify_page_supported(dev, +- ATA_LOG_CONCURRENT_POSITIONING_RANGES)) ++ if (ata_id_major_version(dev->id) < 11 || ++ !ata_log_supported(dev, ATA_LOG_CONCURRENT_POSITIONING_RANGES)) + goto out; + + /* +- * Read IDENTIFY DEVICE data log, page 0x47 +- * (concurrent positioning ranges). We can have at most 255 32B range +- * descriptors plus a 64B header. ++ * Read the concurrent positioning ranges log (0x47). We can have at ++ * most 255 32B range descriptors plus a 64B header. + */ + buf_len = (64 + 255 * 32 + 511) & ~511; + buf = kzalloc(buf_len, GFP_KERNEL); + if (!buf) + goto out; + +- err_mask = ata_read_log_page(dev, ATA_LOG_IDENTIFY_DEVICE, +- ATA_LOG_CONCURRENT_POSITIONING_RANGES, +- buf, buf_len >> 9); ++ err_mask = ata_read_log_page(dev, ATA_LOG_CONCURRENT_POSITIONING_RANGES, ++ 0, buf, buf_len >> 9); + if (err_mask) + goto out; + +diff --git a/drivers/mmc/host/moxart-mmc.c b/drivers/mmc/host/moxart-mmc.c +index 16d1c7a43d331..b6eb75f4bbfc6 100644 +--- a/drivers/mmc/host/moxart-mmc.c ++++ b/drivers/mmc/host/moxart-mmc.c +@@ -705,12 +705,12 @@ static int moxart_remove(struct platform_device *pdev) + if (!IS_ERR_OR_NULL(host->dma_chan_rx)) + dma_release_channel(host->dma_chan_rx); + mmc_remove_host(mmc); +- mmc_free_host(mmc); + + writel(0, host->base + REG_INTERRUPT_MASK); + writel(0, host->base + REG_POWER_CONTROL); + writel(readl(host->base + REG_CLOCK_CONTROL) | CLK_OFF, + host->base + REG_CLOCK_CONTROL); ++ mmc_free_host(mmc); + + return 0; + } +diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c +index 32300bd6af7ab..1ff1e52f398fc 100644 +--- a/fs/ksmbd/smb2pdu.c ++++ b/fs/ksmbd/smb2pdu.c +@@ -2688,7 +2688,7 @@ int smb2_open(struct ksmbd_work *work) + (struct create_posix *)context; + if (le16_to_cpu(context->DataOffset) + + le32_to_cpu(context->DataLength) < +- sizeof(struct create_posix)) { ++ sizeof(struct create_posix) - 4) { + rc = -EINVAL; + goto err_out1; + } +diff --git a/include/linux/ata.h b/include/linux/ata.h +index 199e47e97d645..21292b5bbb550 100644 +--- a/include/linux/ata.h ++++ b/include/linux/ata.h +@@ -324,12 +324,12 @@ enum { + ATA_LOG_NCQ_NON_DATA = 0x12, + ATA_LOG_NCQ_SEND_RECV = 0x13, + ATA_LOG_IDENTIFY_DEVICE = 0x30, ++ ATA_LOG_CONCURRENT_POSITIONING_RANGES = 0x47, + + /* Identify device log pages: */ + ATA_LOG_SECURITY = 0x06, + ATA_LOG_SATA_SETTINGS = 0x08, + ATA_LOG_ZONED_INFORMATION = 0x09, +- ATA_LOG_CONCURRENT_POSITIONING_RANGES = 0x47, + + /* Identify device SATA settings log:*/ + ATA_LOG_DEVSLP_OFFSET = 0x30, +diff --git a/net/tipc/link.c b/net/tipc/link.c +index 09ae8448f394f..4e7936d9b4424 100644 +--- a/net/tipc/link.c ++++ b/net/tipc/link.c +@@ -2199,7 +2199,7 @@ static int tipc_link_proto_rcv(struct tipc_link *l, struct sk_buff *skb, + struct tipc_msg *hdr = buf_msg(skb); + struct tipc_gap_ack_blks *ga = NULL; + bool reply = msg_probe(hdr), retransmitted = false; +- u16 dlen = msg_data_sz(hdr), glen = 0; ++ u32 dlen = msg_data_sz(hdr), glen = 0; + u16 peers_snd_nxt = msg_next_sent(hdr); + u16 peers_tol = msg_link_tolerance(hdr); + u16 peers_prio = msg_linkprio(hdr); +@@ -2213,6 +2213,10 @@ static int tipc_link_proto_rcv(struct tipc_link *l, struct sk_buff *skb, + void *data; + + trace_tipc_proto_rcv(skb, false, l->name); ++ ++ if (dlen > U16_MAX) ++ goto exit; ++ + if (tipc_link_is_blocked(l) || !xmitq) + goto exit; + +@@ -2308,7 +2312,8 @@ static int tipc_link_proto_rcv(struct tipc_link *l, struct sk_buff *skb, + + /* Receive Gap ACK blocks from peer if any */ + glen = tipc_get_gap_ack_blks(&ga, l, hdr, true); +- ++ if(glen > dlen) ++ break; + tipc_mon_rcv(l->net, data + glen, dlen - glen, l->addr, + &l->mon_state, l->bearer_id); + +diff --git a/net/tipc/monitor.c b/net/tipc/monitor.c +index 407619697292f..2f4d23238a7e3 100644 +--- a/net/tipc/monitor.c ++++ b/net/tipc/monitor.c +@@ -496,6 +496,8 @@ void tipc_mon_rcv(struct net *net, void *data, u16 dlen, u32 addr, + state->probing = false; + + /* Sanity check received domain record */ ++ if (new_member_cnt > MAX_MON_DOMAIN) ++ return; + if (dlen < dom_rec_len(arrv_dom, 0)) + return; + if (dlen != dom_rec_len(arrv_dom, new_member_cnt))
